Has anyone fuzzed ffmpeg? How to compile the ffmpeg source code


6231...@qq.com

unread,
Oct 13, 2016, 4:21:55 AM
to afl-users
I downloaded ffmpeg-0.11.1.tar.gz from https://ffmpeg.org/releases/ and then ran:
    CC=../../afl-2.33b/afl-gcc CXX=../../afl-2.33b/afl-g++ ./configure --disable-shared; make
but when I do this:
    afl-fuzz -i input/ -o output/ -m 1G -- ./ffmpeg -threads 1 -i @@ -threads 1 -f null /dev/null
I get this:
    Looks like the target binary is not instrumented! The fuzzer depends on
    compile-time instrumentation to isolate interesting test cases while
    mutating the input data. For more information, and for tips on how to
    instrument binaries, please see /usr/local/share/doc/afl/README.

    When source code is not available, you may be able to leverage QEMU
    mode support. Consult the README for tips on how to enable this.
    (It is also possible to use afl-fuzz as a traditional, "dumb" fuzzer.
    For that, you can use the -n option - but expect much worse results.)

Can anybody help me with how to compile ffmpeg? Thanks in advance.
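An added build-and-check script (not code from the thread, nor from the ffmpeg or AFL projects) that does the build above with AFL's wrappers and then applies the same test afl-fuzz uses before printing the "not instrumented" message, so a bad build is caught before fuzzing starts. It assumes AFL is unpacked at $AFL_DIR (defaulting to the ../../afl-2.33b path from the post) and that build_ffmpeg_with_afl is run from the top of the ffmpeg source tree; the --cc, --disable-asm and AFL_HARDEN choices are this script's, not the poster's.

```shell
#!/bin/sh
# Added example: build ffmpeg with AFL's compiler wrappers and verify that
# the resulting binary is instrumented before handing it to afl-fuzz.
# Assumption: AFL lives at $AFL_DIR (the ../../afl-2.33b path from the post).

AFL_DIR="${AFL_DIR:-../../afl-2.33b}"

# afl-fuzz's "target binary is not instrumented" message is produced when a
# scan of the binary finds no reference to the shared-memory variable name
# __AFL_SHM_ID that afl-gcc's instrumentation embeds. Mirror that check:
# returns 0 if the file looks instrumented, 1 otherwise (or if it is missing).
afl_instrumented() {
    bin="$1"
    [ -f "$bin" ] || return 1
    grep -aq "__AFL_SHM_ID" "$bin"
}

build_ffmpeg_with_afl() {
    # Pass the wrappers both through the environment and through ffmpeg's own
    # --cc option so configure cannot quietly fall back to plain gcc.
    # --disable-asm keeps hand-written assembly, which afl-gcc cannot
    # instrument, out of the hot paths so coverage comes from compiled C.
    CC="$AFL_DIR/afl-gcc" CXX="$AFL_DIR/afl-g++" \
        ./configure --cc="$AFL_DIR/afl-gcc" --disable-shared --disable-asm || return 1
    # AFL_HARDEN=1 makes afl-gcc add FORTIFY_SOURCE and stack-protector flags,
    # so more memory errors abort instead of passing silently.
    AFL_HARDEN=1 make -j"$(nproc 2>/dev/null || echo 1)" || return 1
    # Fail here rather than when afl-fuzz refuses to start.
    afl_instrumented ./ffmpeg
}

fuzz_ffmpeg() {
    # Same invocation as in the post; -m 1G because ffmpeg allocates freely.
    "$AFL_DIR/afl-fuzz" -i input/ -o output/ -m 1G -- \
        ./ffmpeg -threads 1 -i @@ -threads 1 -f null /dev/null
}

case "${1:-}" in
    build) build_ffmpeg_with_afl && echo "ffmpeg is AFL-instrumented" ;;
    check) afl_instrumented "${2:-./ffmpeg}" && echo "instrumented" || echo "NOT instrumented" ;;
    fuzz)  fuzz_ffmpeg ;;
esac
```

Run it as `sh build-check.sh build` from the ffmpeg tree, or `sh build-check.sh check ./ffmpeg` against an existing binary; a "NOT instrumented" result means afl-fuzz will print the same complaint the post shows.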

floyd

unread,
Oct 13, 2016, 4:39:32 AM
to afl-...@googlegroups.com
see
https://github.com/floyd-fuh/afl-crash-analyzer/blob/master/testcases/ffmpeg/install.sh

cheers,
floyd

--
floyd
@floyd_ch
http://www.floyd.ch

future

unread,
Oct 13, 2016, 5:07:41 AM
to afl-users
Thanks, sincerely!



Jacek Wielemborek

unread,
Oct 13, 2016, 10:23:10 AM
to afl-...@googlegroups.com
On 13.10.2016 at 10:21, 6231...@qq.com wrote:
One other way to quickly build a program you want to fuzz is to use the
aflize Docker environment:

github.com/d33tah/aflize
